CloudBurst 2015
Here are some of my notes from Sweden Azure User Group's CloudBurst 2015 at Microsoft premises in Stockholm. The recordings have been made available (courtesy of Live Arena), and if you're interested in the agenda for the two days, it is here.
The speakers had been invited and then got to decide for themselves what they wanted to speak about (given the Azure context, of course). It turned out fairly varied, but with a certain emphasis on identity services / management and microservice characteristics.
Azure Service Fabric
Still in preview; not likely to be released this year. It is considered PaaS v2, superseding Microsoft's current Cloud Application platform (Web and Worker Roles).
Things like Azure Service Bus, Azure SQL Database and Cortana run on Service Fabric. Now, they are packaging it up for consumption, just like they did with Azure AD.
A microservice is: logic and state that is independently versioned, deployed and scaled.
Today's cloud services are stateless - you shouldn't store data in the instances themselves, but instead rely on Azure Storage or similar services. Microsoft's fabric offering comes with a stateful variant as well, something which reduces latency and simplifies your architecture, since you can rely on the fabric to replicate data for you.
Service Fabric can be run in Azure, Amazon Web Services, on premises, on Linux and Windows. It was built because Microsoft needed to solve the microservice problem for their own teams.
Service Fabric spreads out an application upon deployment, hosting one primary and several secondaries. Data is replicated between the instances. Once a node fails, one of the secondaries is promoted to primary, already having the current application state.
In reliable services, you utilize reliable collections, a continuation of concurrent collections that have replication built in and are multi-machine aware, asynchronous and transactional.
In Visual Studio, to start a SF application, do File - New - Cloud - Service Fabric Application and pick Stateful/stateless service/actor or ASP.NET 5. You get an application project (which is your deployment) and your service project. You can have several services in an application.
You can install Service Fabric and run your applications on your local machine (just hit F5).
A piece of Project Orleans ended up in the Actor service. Halo runs on the actor fabric.
To sign up for the preview, go to http://aka.ms/sfp-external.
Alan Smith: Going global. Developing game services in Azure
Azure Service Bus supports 2000 subscribers per Service Bus topic and 2000 message operations per second (one copy-to-subscriber counts as one operation).
Azure Management Studio seems to be a nice tool to read blobs and queues and stuff.
Even with logging all exceptions, achievements and other telemetry data in table storage, the storage cost for the Azure Bootcamp day was only 3 cents!
Row keys for ordering: ascending = zero-padded, descending = large number - value (e.g. longest jump = 1000000 - jump length).
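The row key trick above, as an added example that is not from the talk or the original notes: table storage returns rows sorted by the string value of the row key, so numeric order has to be encoded into fixed-width strings. WIDTH, the function names and the sample jump lengths are assumptions made for this sketch; MAX_VALUE is the 1000000 from the note.

```python
# Added example: encode numeric ordering into string row keys.
WIDTH = 7            # digits in every key; assumption, sized to hold MAX_VALUE
MAX_VALUE = 1000000  # the "large number" from the notes


def _check(value: int) -> None:
    # Out-of-range values would change the key width or go negative and
    # silently break the ordering, so reject them up front.
    if not 0 <= value <= MAX_VALUE:
        raise ValueError(f"value {value} outside 0..{MAX_VALUE}")


def ascending_key(value: int) -> str:
    """Zero-padded key: smallest value sorts first."""
    _check(value)
    return f"{value:0{WIDTH}d}"


def descending_key(value: int) -> str:
    """Inverted key (MAX_VALUE - value): largest value sorts first."""
    _check(value)
    return f"{MAX_VALUE - value:0{WIDTH}d}"


def decode_descending(key: str) -> int:
    """Recover the original value from an inverted key."""
    return MAX_VALUE - int(key)


# Constructed sample data: jump lengths.
JUMPS = [95, 1200, 310, 8]


def naive_order(values):
    """What string sorting does to unpadded numbers."""
    return sorted(str(v) for v in values)


def leaderboard(values):
    """Longest jump first, in the order a scan over descending keys returns."""
    keys = sorted(descending_key(v) for v in values)
    return [decode_descending(k) for k in keys]


if __name__ == "__main__":
    print(naive_order(JUMPS))                        # unpadded: wrong order
    print(sorted(ascending_key(v) for v in JUMPS))   # padded: numeric order
    print(leaderboard(JUMPS))                        # inverted: longest first
```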
Don Rosanova on the Service Bus Event Hub and telemetry
The event hub is a logical container, using the underlying infrastructure. We have tested it with 1 million messages per second without issues. It works well by having a bunch of partitions of ordered events, scaled out. Each partition is like a transaction log. You consume through a consumer group. Groups are like topic subscriptions and can receive the same message once per group.
AMQP is our preferred way to communicate with the hub. It contains flow control. You can use the lightweight runtime API to ask for metadata per partition - ingress rate, current sequence id, last sequence id - so you can calculate how far you are behind, if at all.
You can use SoapUI against Service Bus REST APIs.
Performance counters for Service Bus.
In the documentation, when we say entity, we mean a queue, topic or an event hub.
Use EventProcessorHost to consume the events.
You can turn performance counters on and off without restarting services.
You can write out logs from performance counters and set alerts when values hit a certain threshold. Per worker role.
Unlike with a queue, readers do not consume messages; the messages age off over time.
Think about how many times you are reading and see which ones you can combine, especially if you are not dealing with all events per consumer group.
Real world 2 speed IT - Powered by Microsoft Azure and Integration
Marathon runner - slow and steady (safe and risk averse) vs. sprinter - fast and agile (fast time to market).
Building in Minecraft where you have certain floor boards that send events when you step on them, visualizing Internet of Things usage in the real world.
For two-speed IT, you could add a logic app to read state from a database and perform additional logic, rather than changing (and risking breaking) an existing, reliable business process.
theazurecoach.com - competition for free training for use by up to 10 people.
Mods in Minecraft are a bit like NuGet. There's a Technic Launcher that has mods like ComputerCraft, which was used in the demo.
You write Minecraft ComputerCraft apps in Lua (Visual Studio add-on; stand-alone editor), and there are libraries to download that let you parse JSON and more!
Hybrid connectivity options with the Microsoft Cloud
Integration Mondays (YouTube Playlist) discusses Azure subjects every other Monday at least.
Point-to-site VPN lets you connect Remote Desktop to a VM in Azure through your corporate firewall, given that the VM is a part of a virtual network.
Developing modern solutions with Azure Active Directory
AAD and AD are two completely different offerings from Microsoft. AAD is huge and the world's largest identity platform.
ADAL lets you do authentication on any platform. It provides you with HTML views that you can incorporate in your apps, letting ADAL deal with the authentication itself.
Any Microsoft services going forward will be authenticated using tokens issued by Azure AD.
You project your application in Azure, so that you can describe consumers and resources (application definition) that it wants to access.
Your application needs to continuously refresh its access tokens against AAD. This enables the application to add restrictions, to lock out users etc.
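Why the refresh round-trip matters for lock-out, as an added example that is not from the talk or the original notes: a client keeps using an access token until it expires, so a disabled account is only cut off at the next refresh. Directory, Client, ACCESS_LIFETIME and the user name are constructed stand-ins for this sketch, not the Azure AD or ADAL API.

```python
import secrets

ACCESS_LIFETIME = 3600  # seconds; assumed access-token lifetime for this sketch


class Directory:
    """Constructed stand-in for the token issuer (not the Azure AD API)."""

    def __init__(self):
        self.disabled = set()      # locked-out users
        self.refresh_tokens = {}   # refresh token -> user

    def sign_in(self, user, now):
        return self._issue(user, now)

    def refresh(self, refresh_token, now):
        # Refresh tokens are single use here: consume, check, then re-issue.
        user = self.refresh_tokens.pop(refresh_token, None)
        if user is None or user in self.disabled:
            raise PermissionError("refresh denied")
        return self._issue(user, now)

    def _issue(self, user, now):
        rt = secrets.token_urlsafe(16)
        self.refresh_tokens[rt] = user
        return {"user": user, "expires_at": now + ACCESS_LIFETIME,
                "refresh_token": rt}


class Client:
    """Holds a token and goes back to the directory once it has expired."""

    def __init__(self, directory, user, now):
        self.directory = directory
        self.token = directory.sign_in(user, now)

    def call_api(self, now):
        if now >= self.token["expires_at"]:
            self.token = self.directory.refresh(self.token["refresh_token"], now)
        return f"ok:{self.token['user']}"


def lockout_timeline():
    """Disable the user after t=50 and record what the client can still do."""
    directory = Directory()
    client = Client(directory, "alice", now=0)
    results = [client.call_api(now=50)]
    directory.disabled.add("alice")
    results.append(client.call_api(now=200))      # token still valid: access continues
    try:
        client.call_api(now=ACCESS_LIFETIME + 1)  # refresh needed: directory refuses
    except PermissionError:
        results.append("denied")
    return results
```

The access-token lifetime is therefore the upper bound on how long a locked-out user keeps access in this model.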
In Azure Management Portal, click AD - new application (more information).
ADAL does the client side magic required to handle tokens.
If you're targeting Windows 10 exclusively, use WebAccountManager. Otherwise, use ADAL.
You can have users log into your app if they have ANOTHER cloud account, such as Office365.
You can secure web apps by introducing an ADAL middleware.
When you have a web app that needs to act on an API on behalf of a user, you need to store the user's token in the web app. Listen to the AuthorizationCodeReceived event.
For your own APIs, set your Azure app as multi-tenant.
For SPAs, use ADAL.js.
Top 6 decisions you'll make on Azure
Availability set: Make sure they update one at a time to keep at least one up at all times.
Maintaining VMs is a lot of work - a lot!
Original cloud services are pre-configured VMs. A lot of features are now available in the Web Apps offering as well, making that a better option.
Worker roles are still a strong model, apparently.
With app service environment, you get like a mini co-location in Azure where you can separate your subnets.
API apps can easily talk to each other within the same resource group.
You can log into an API through a social provider such as Twitter; however, this only really works in mobile app space. For website - API scenarios, we need API management.
You can configure CORS and set up identity providers via the gateway settings.
Policies - you create products and associate them with a key - a license key. These policies can allow you only 5 calls per day and also configure authentication provider.
The API management does a lot of heavy lifting as far as standards-based authentication, including revocation of subscription keys with proper error messages.
If you're targeting logic or mobile apps today, use API apps. If not, you will get a better experience from the API management story today.
You can pull a web job into its own VM (dedicated app service plan).
Social login in Azure AD is available in preview.
Architecture Best Practices in Microsoft Azure
A big benefit you get out of the Map-Reduce pattern is that you can separate a big chunk of data into many smaller chunks for parallel processing, thereby minimizing latency impact.
If you don't test in an Azure environment, you will get a lot of unpleasant surprises. The emulators are not perfect, and they will also not indicate how your architectural decisions will affect the price of said architecture.
In an event sourced system, you can let your command response event update the cache on your read model, reducing the need for the read model to access the database.
Using telemetry, you can glean when to optimize for queries and when to optimize for commands.
Learn to live with stale data. What does now or realtime mean for your current customer? Oftentimes, it's not what you presume.